DreamTeams in Tableau is On Premise only. In this guide, we will walk you through the installation process of DreamTeams. Luckily, this process is very easy and you’ll be up-and-running in no time.


Admin access to Azure Portal to create an App Service.


You will need the following files that come with DreamTeams. You can download these from the enterprise portal. From the portal, you can pick the operating system of your choice.

  1. An .env.example file (on some systems a hidden file)
  2. A .trex file
  3. A binary build file (specific to your operating system)
  4. A license.lic file (download from the Enterprise Portal)

1. Create an App Registry in Azure

  1. Login to your Azure portal with administrator privileges.
  2. Go to
  3. Search for App Registration in the top search bar.
  4. Click on new registration.
  5. Give a name to the application, Eg: “DreamTeams”
  6. Under supported account types, choose the first option “Accounts in this organisational directory only (single tenant)”. This option will enable this app only for your organization.
  7. In the redirect URL, enter the domain made for DreamTeams as a result of the general Enterprise installation procedure described before. Now add /redirect to it. For eg: You have successfully created an app registry after completing this step. We now have to finish the configuration of the extension server.


Create a “Secret” with your App

Once the app is registered in your Azure environment, we can set up the connection with the DreamTeams extension via a “secret” key. This procedure is described below. This must also be done by an Azure user with administrator priveleges.

  1. On the left pane, click on Certificates & secrets.
  2. Click on ‘New Client Secret’.
  3. Give a description and set an expiration time period.

    Click Add.
  4. Copy the Value of the Client Secret (the secret is blurred with asterisks in this manual for security reasons). IMPORTANT: The client value is only visible during creation. Please note it down / copy it carefully.

  5. Head over to the installation folder of your DreamTeams server installation (described in previous steps)
  6. In your DreamTeams server installation folder copy the “env.example” file and rename your copy to “.env” .
  7. Check the available information and add the following properties:
    CLIENT_TOKEN = Application (client) ID (see image below)
    CLIENT_SECRET= The value of the ‘secret’ you just copied/stored from the previous step.
    TENANT_ID= Directory (tenant) ID (see image below)


Install the extension

We have successfully set up the Azure implementation. The last step is to install the binary as a server. You can use our enterprise installation guide for this. The only difference is that you set the key and certificate paths in the .env instead of using them in the start command.

Enterprise installation guide

Configure the .trex file

Change the url tag in the .trex file to the url you will use to host DreamTeams. The url port should match with the “APP_PORT” you specified in the .env file.

Allow the app to run

The last step for the Azure admin is to go to the domain you are running DreamTeams on and allow the app: this will trigger a popup and ask you to allow the app. After this step DreamTeams is ready to go!

Using the extension

Now that everything is set up, you’re ready to use the extension in Tableau with the .trex file. If you want to know more about how to use the extension, we have prepared a guide to get you started.

DreamTeams Permissions explained

  • Read (admin consent not required) – Allows users to sign-in to the app and allows the app to read the profile of signed-in users. It also allows the app to read basic company information of signed-in users. This permission is used to read your profile’s basic description.
  • ReadBasic.All (admin consent not required) – Read the names and descriptions of teams, on behalf of the signed-in user. This permission is used to read all the teams you are a part of.
  • ReadBasic.All (Admin consent not required) – Read channel names and channel descriptions, on behalf of the signed-in user. This permission is used to read the channel names of each team.
  • Read.All (Admin Consent required) – Allows the app to list groups, read basic group properties and read membership of all groups the signed-in user has access to. This permission is used to read the names of all the members of a team.
  • ReadWrite (Admin consent not required) – Allows an app to read and write 1 on 1 or group chats threads, on behalf of the signed-in user. This permission is used to read chat’s names, write a message into a chat and to also real names of members that are part of the chat.
  • Send (Admin consent not required) – Allows an app to send channel messages in Microsoft Teams, on behalf of the signed-in user. This permission is used to send a message in a channel
  • Openid (admin consent not required) – Allows users to sign in to the app with their work or school accounts and allows the app to see basic user profile information. We use this to login the Microsoft user.